2021: The State of Privacy

Data Breach Today

IAPP's Trevor Hughes Previews the Year's Global Trends, Challenges and Legislation From contact tracing to data transfer to the new California Privacy Rights Act, 2021 already is shaping up to be a big year for privacy.

OnDemand | 2021 Pharmaceutical Threat Outlook

Data Breach Today

Thwarting Mobile Phishing

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Microsoft Patch Tuesday, January 2021 Edition

Krebs on Security

Microsoft today released updates to plug more than 80 security holes in its Windows operating systems and other software, including one that is actively being exploited and another which was disclosed prior to today.

2021: The Evolution of Zero Trust

Data Breach Today

What further evolution can we expect in 2021

Risk 148

Beat the Bad Guys: Contact Center Security Solutions For Fraud Detection For 2021 and Beyond

Data Breach Today

Beat the Bad Guys: Contact Center Security Solutions For Fraud Detection For 2021 and Beyond Explore Evolving Challenges and Solutions in The Fight Against Fraud.

5 key trends that will impact cyber security in 2021

DXC

But one thing won’t change: In 2021, as is the case every year, companies will continue to be challenged by new or evolving cyber security threats. The post 5 key trends that will impact cyber security in 2021 appeared first on DXC Blogs. Will this year be as tumultuous as 2020?

Cyber Incident Knocks Construction Firm Palfinger Offline

Data Breach Today

Unknown Attack Has Disrupted the Company's Global IT Infrastructure The Austrian construction equipment manufacturing firm Palfinger AG reports being hit with a cyberattack that has knocked the majority of its worldwide IT infrastructure offline, eliminating its ability to use email and conduct business.

Energy industry 2021 predictions

OpenText Information Management

As these companies head into 2021 they continue to face the fallout from disparate – yet equally challenging – business disruptors. Mining companies, meanwhile, are … The post Energy industry 2021 predictions appeared first on OpenText Blogs.

Pediatric Hospital Faces Lawsuit After Blackbaud Breach

Data Breach Today

Case Spotlights Critical Vendor Security Risk Issues A proposed class action lawsuit has been filed against Rady Children's Hospital-San Diego in the wake of data breach resulting from a ransomware attack on Blackbaud, the hospital's cloud-based fundraising software vendor

DDoS Attackers Exploit Vulnerable Microsoft RDP Servers

Data Breach Today

Researchers: 33,000 Vulnerable Servers Could Be Used to Amplify Attacks Threat actors are exploiting vulnerable Microsoft Remote Desktop Protocol servers to amplify DDoS attacks, according to a report from Netscout, which offers mitigation advice

212
212

Fueled by Record Profits, Ransomware Persists in New Year

Data Breach Today

Increasing Ransomware Varieties and Attack Volume Look Set to Continue, Experts Warn Ransomware dominated the cybercrime landscape in 2020 and looks set to do so again this year, as criminals seek fresh new ways to make victims pay.

Intel Investigating Hack of Confidential Financial Report

Data Breach Today

Incident Forced Intel to Release Results Earlier Than Planned Intel is investigating an incident in which an unauthorized person accessed a portion of the company's latest quarterly financial report, forcing the chipmaker to release its earnings slightly earlier than planned

Access 220

Biden Inauguration: Defending Against Cyberthreats

Data Breach Today

Experts Warn of an Elevated Risk of Attack From Domestic, Foreign Actors As thousands of National Guard troops pour into Washington to provide security for the Jan.

Chinese Hacking Group Targets Airlines, Semiconductor Firms

Data Breach Today

Chimera' Exfiltrates Intellectual Property, Personal Data A hacking group with apparent ties to China is targeting airlines and semiconductor firms to steal intellectual property and personal data in repeated exfiltration efforts, according to the NCC Group

SolarWinds Hires Chris Krebs to Reboot Its Cybersecurity

Data Breach Today

Hacked Firm Also Taps Former Facebook CSO as It Responds to Supply Chain Attack As security software firm SolarWinds investigates the supply chain attack involving its Orion software and looks to rebuild its security processes and reputation, it's hired former U.S.

Biden's $10 Billion Cybersecurity Proposal: Is It Enough?

Data Breach Today

Security Experts Say Proposal Amounts to a 'Down Payment' President-elect Joe Biden's $1.9 trillion plan for COVID-19 relief includes nearly $10 billion in cybersecurity and IT spending. Some security experts hope the amount as just a "down payment" toward a broader effort

Defining and Refining Next-Gen AML

Data Breach Today

David Stewart of SAS on the Tools and Technologies Deployed to Fight Financial Crimes As the financial payments landscape shifts, and as fraudsters employ new technologies and techniques, institutions are deploying a next generation of anti-money laundering defenses.

IT 260

Privacy Fines: Total GDPR Sanctions Reach $331 Million

Data Breach Today

But Across Europe, Total Fines and Breach Reports Continue to Vary Widely by Country Privacy watchdogs in Europe have imposed fines totaling more than $330 million since the EU's General Data Protection Regulation went into full effect in May 2018, according to law firm DLA Piper.

GDPR 231

Fueled by Profits, Ransomware Persists in New Year

Data Breach Today

Increasing Ransomware Varieties and Attack Volume Look Set to Continue, Experts Warn Ransomware dominated the cybercrime landscape in 2020 and looks set to do so again this year, as criminals seek fresh new ways to make victims pay.

'Raindrop' Is Latest Malware Tied to SolarWinds Hack

Data Breach Today

Researchers: Backdoor Is Fourth Malware Variant Used During Attacks Symantec Threat Intelligence says it's uncovered another malware variant used in the SolarWinds supply chain hack - a loader nicknamed "Raindrop" that apparently was used to deliver Cobalt Strike, a legitimate penetration testing tool, to a handful of targets.

IT 225

Sealed U.S. Court Records Exposed in SolarWinds Breach

Krebs on Security

The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S.

Tesla Sues Former Employee, Alleges IP Theft

Data Breach Today

Company Claims Newly Hired Engineer Downloaded Software Files to Dropbox Tesla has filed a lawsuit against a former employee who the carmaker says stole thousands of confidential software files almost immediately after being hired in December

184
184

Analysis: 2020 Health Data Breach Trends

Data Breach Today

Ransomware, Phishing Incidents, Vendor Hacks Prevail Hacking incidents, including ransomware and phishing attacks, as well as security incidents involving vendors dominated the federal tally of major health data breaches in 2020

Biden Fills 3 Cybersecurity Positions

Data Breach Today

Senior Director for Cyber and Others Announced President Joe Biden's cybersecurity team is beginning to take shape, with three appointments recently announced, including Michael Sulmeyer as senior director for cyber

Federal Courts Investigate 'Apparent Compromise' of System

Data Breach Today

Meanwhile, Courts Suspend Use of SolarWinds, Adopt New Document Security Measures The U.S. federal court system is investigating an "apparent compromise" of a confidential electronic filing system used for sensitive legal documents.

IT 248

Top 3 technology trends for Healthcare in 2021

OpenText Information Management

2021 will be dominated by several major themes including the increase in remote health, improved personalization and patient engagement, and a significant focus on improved cyber security. 2020 was the most difficult year in recent history for Healthcare providers.

Texas Medical Center Breach Affects 640,000

Data Breach Today

Apparent Ransomware Attack Exposed Patient Information An apparent ransomware incident at a Texas healthcare organization has potentially compromised the protected health information of more than 640,000 individuals

President Biden Orders SolarWinds Intelligence Assessment

Data Breach Today

New Administration Signals Importance of Cybersecurity to National Security Agenda The new Biden administration has pledged to hold Russia accountable for its recent "reckless and adversarial" actions and has ordered a full-scale intelligence review of the SolarWinds hack.

Microsoft Describes How SolarWinds Hackers Avoided Detection

Data Breach Today

Attackers Went to Great Lengths to Separate the Backdoor From Loader Microsoft researchers are offering fresh details on the SolarWinds hackers' extensive efforts to remain hidden, which gave them more time to fully penetrate systems, move laterally through networks and exfiltrate data in follow-on attacks.

203
203

SolarWinds Supply Chain Hack: Investigation Update

Data Breach Today

Also featured: A discussion of why security education is so crucial in 2021 and tips on how to retain SOC analysts The latest edition of the ISMG Security Report describes new details emerging from the SolarWinds supply chain hack investigation.

SonicWall Investigating Zero-Day Attacks Against Its Products

Data Breach Today

Company Says Certain VPNs and Gateways Affected By 'Coordinated Attack' Security vendor SonicWall is investigating what the company calls a "coordinated attack" against its internal network by threat actors using a zero-day exploit within the company's remote access products.

IT 184

Cryptomining Campaign Linked to Iranian Software Firm

Data Breach Today

MrbMiner Malware Has Targeted Thousands of Microsoft SQL Servers An ongoing global cryptomining campaign has connections to an Iranian software firm, according to a report from Sophos. The MrbMiner malware has targeted thousands of vulnerable Microsoft SQL Servers

198
198

Capitol Breach: Cybersecurity Lessons to Apply

Data Breach Today

Brian Honan: Security Professionals Can Take Action to Minimize Risks The physical breach of the U.S.

Kaspersky: SolarWinds Backdoor Similar to Russian 'Kazuar'

Data Breach Today

For Example, Both Backdoors Use Same 'Sleeping' Algorithm The "Sunburst" backdoor deployed in the breach of SolarWinds' Orion network monitoring tool uses some of the same code found in the "Kazuar" backdoor, which security researchers have previously tied to Russian hackers, the security firm Kaspersky reports.

'FreakOut' Botnet Targets Unpatched Linux Systems

Data Breach Today

Researchers Says Malicious Network Could Be Used to Launch DDoS Attacks Researchers at Check Point Research are tracking a new botnet dubbed "FreakOut" that's targeting vulnerabilities in Linux systems. The malware is creating a malicious network that has the potential to launch DDoS attacks

198
198

Getting the Most Out of an AI Deployment

Data Breach Today

SWIFT's Guy Sheppard on the Challenges of Using AI to Enhance Security Many companies claim to be successfully using artificial intelligence for security, but the use cases are still not convincing because the technology is incapable of detecting unknown malware, says Guy Sheppard of SWIFT

Catches of the month: Phishing scams for January 2021

IT Governance

The start of 2021 is looking an awful lot like the end of 2020 – not least when it comes to cyber crime. Meanwhile, KnowBe4 spotted a scam exploiting a news report that claimed that the Pfizer/BioNTech vaccine might not reach the US in large volumes until the spring of 2021.

OpenWRT Project Community Investigating Data Breach

Data Breach Today

Fraudsters Are Using Google Forms to Evade Email Filters

Data Breach Today

Emails Are Likely a Reconnaissance Mission for Future Email Compromise Fraudsters are using Google forms to target retail, telecom, healthcare, energy and manufacturing companies in an apparent reconnaissance campaign to identify targets for a possible follow-up business email compromise attack

Retail 179

Reserve Bank of New Zealand Investigates Data Breach

Data Breach Today

Hackers Gained Network Access Through Accellion File-Sharing Service The Reserve Bank of New Zealand disclosed Sunday that hackers infiltrated its network after compromising its file-sharing system from Accellion.